A Cross-Site Scripting (XSS) vulnerability was found in Zimbra
Collaboration Suite (ZCS). This issue allows an attacker to perform a
wide variety of actions such as performing arbitrary actions on their
behalf or presenting a fake login screen to collect usernames and
passwords. In order to exploit this issue, the attacker has to lure a
victim into opening a specially crafted email in ZCS.